Adapun langkah-langkah membuat router dan proxy yang kami lakukan adalah sebagai berikut : * install linux server

* konfigurasi kartu jaringan # nano /etc/netwotk/interfaces auto lo iface lo inet loopback auto eth0 iface eth0 inet static address netmask gateway auto eth1 iface eth1 inet static address netmask gateway * masukkan dns-nameserver # nano /etc/resolv.conf nameserver * restart network-nya # /etc/init.d/networking restart # ping # ping * edit sysct1.conf # nano /etc/sysct1.conf hilangkan tanda # pada net.ipv4.ip_fordward=1 * sharing internet eth0 ke eth1 # iptables -F # iptables -X # iptables -t nat -F # iptables -t nat -X # iptables -t mangle -F # iptables -t mangle -X # iptables -P INPUT ACCEPT # iptables -P FORWARD ACCEPT

# iptables -P OUTPUT ACCEPT # echo 1 > /proc/sys/net/ipv4/ip_forward # iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE * agar setiap server start perintah itu dijalankan, masukkan perintah tersebut ke /etc/rc.local # nano /etc/rc.local #!/bin/sh -e # # rc.local # # This script is executed at the end of each multiuser runlevel. # Make sure that the script will exit 0 on success or any other # value on error. # # In order to enable or disable this script just change the execution # bits. # # By default this script does nothing. echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE exit 0 * sampai disini pembuatan router telah selesai, selanjutnya tinggal install squid dan konfigurasi proxy * install squid # apt-get install squid * buat directory cache untuk proxy # mkdir /cache # chmod 777 /cache * konfifgurasi /etc/squid/squid.conf # nano /etc/squid/squid.conf acl all src acl manager proto cache_object acl localhost src acl lan src acl to_localhost dst acl SSL_ports port 443 # https

acl SSL_ports port 563 # snews acl SSL_ports port 873 # rsync acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 631 # cups acl Safe_ports port 873 # rsync acl Safe_ports port 901 # SWAT acl purge method PURGE acl CONNECT method CONNECT acl porno url_regex -i /etc/squid/porno.txt no_cache deny porno http_access deny porno all acl situslarangan dstdomain /etc/squid/situs.txt no_cache deny situslarangan http_access deny situslarangan all http_access allow lan http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access deny all icp_access allow all http_port 3128 transparent hierarchy_stoplist cgi-bin ?

cache_mem 672 MB cache_dir ufs /cache 30000 16 256 access_log /var/log/squid/access.log squid acl QUERY urlpath_regex cgi-bin \? refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 cache_effective_user proxy cache_effective_group proxy visible_hostname hosts_file /etc/hosts * buat file porno.txt di /etc/squid/ untuk memasukkan daftar kata-kata yg akan diblokir # nano /etc/squid/porno.txt * buat file situ.txt di /etc/squid/ untuk memasukkan daftar situs-situs yang diblokir # nano /etc/squid/situs.txt * edit kembali rc.local yg dibuat tadi dan masukkan script untuk membelokkan request dari port 80 ke port proxy 3128 # sudo nano /etc/rc.local #!/bin/sh -e # # rc.local # # This script is executed at the end of each multiuser runlevel. # Make sure that the script will exit 0 on success or any other # value on error. # # In order to enable or disable this script just change the execution # bits. # # By default this script does nothing. echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A PREROUTING -i eth1 -p tcp -dport 80 -j DNAT to iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE exit 0 * restart server

* cek file access.log # nano /var/log/squid/access.log atau # tail -f /var/log/squid/access.log jika squid berjalan normal maka akses terhadap proxy akan tersimpan di file ini Referensi : * InfoLINUX Edisi 06/2010 * Blog Pak Muzakkir * Slackers Makassar NB : Jika ada kesalahan saya minta maaf karena saya masih pemula dan masih dalam proses belajar jadi kemungkinan melakukan kesalahan sangat besar. Mohon masukannya

